CVE-2026-2628 | All-in-One Microsoft 365 & Entra ID and Azure AD SSO Login Plugin improper authentication

Inserito da Angelo Barbosa | Mar 2, 2026 | CVE

A vulnerability, which was classified as critical, has been found in All-in-One Microsoft 365 & Entra ID and Azure AD SSO Login Plugin up to 2.2.5 on WordPress. Affected is an unknown function. This manipulation causes improper authentication.

This vulnerability is handled as CVE-2026-2628. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-2628 | All-in-One Microsoft 365 & Entra ID and Azure AD SSO Login Plugin improper authentication

Post correlati

CVE-2024-5025 | Memberpress Plugin up to 1.11.29 on WordPress arglist cross site scripting

CVE-2024-22178 | Open Automation Software OAS Platform 19.00.0057 OAS Engine Save Security Configuration file inclusion (TALOS-2024-1951)

CVE-2024-4610 | Arm Bifrost GPU Kernel Driver up to r40p0 use after free

CVE-2024-53059 | Linux Kernel up to 6.11.6 iwl_mvm_send_recovery_cmd buffer overflow